-
Notifications
You must be signed in to change notification settings - Fork 4
/
ingress.yml
100 lines (100 loc) · 3.83 KB
/
ingress.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress
namespace: default
annotations:
alb.ingress.kubernetes.io/load-balancer-name: my-alb
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
# kubernetes.io/ingress.class: nginx - Not needed when ingressClassName is used below
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
alb.ingress.kubernetes.io/ssl-redirect: "443"
alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS13-1-2-2021-06
alb.ingress.kubernetes.io/backend-protocol: HTTPS
alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:<region>:<account>:certificate/<GUID>
#alb.ingress.kubernetes.io/backend-protocol-version: HTTP2 Use this in individual Service
alb.ingress.kubernetes.io/load-balancer-attributes: routing.http2.enabled=true
alb.ingress.kubernetes.io/load-balancer-attributes: idle_timeout.timeout_seconds=60
alb.ingress.kubernetes.io/target-group-attributes: stickiness.enabled=true,stickiness.lb_cookie.duration_seconds=1800
alb.ingress.kubernetes.io/auth-session-cookie: <name>
alb.ingress.kubernetes.io/auth-session-timeout: "3600"
alb.ingress.kubernetes.io/healthcheck-port: traffic-port
alb.ingress.kubernetes.io/healthcheck-protocol: HTTPS
#Important Note: Need to add health check path annotations in service level if we are planning to use multiple targets in a load balancer
#alb.ingress.kubernetes.io/healthcheck-path:
alb.ingress.kubernetes.io/healthcheck-interval-seconds: "20"
alb.ingress.kubernetes.io/healthcheck-timeout-seconds: "10"
alb.ingress.kubernetes.io/healthy-threshold-count: "3"
alb.ingress.kubernetes.io/unhealthy-threshold-count: "3"
alb.ingress.kubernetes.io/success-codes: "200"
#nginx.ingress.kubernetes.io/ssl-redirect: "false"
#nginx.ingress.kubernetes.io/rewrite-target: /$2
#nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
# nginx.ingress.kubernetes.io/ssl-passthrough: "true"
# nginx.ingress.kubernetes.io/app-root: /
# nginx.ingress.kubernetes.io/affinity: "cookie"
# nginx.ingress.kubernetes.io/session-cookie-name: "ingress-cookie"
# nginx.ingress.kubernetes.io/session-cookie-name: "route"
# nginx.ingress.kubernetes.io/session-cookie-hash: "sha1"
# nginx.ingress.kubernetes.io/session-cookie-expires: "600"
# nginx.ingress.kubernetes.io/session-cookie-max-age: "600"
# cert-manager.io/cluster-issuer: "letsencrypt"
# cert-manager.io/acme-challenge-type: http01
# kubernetes.io/tls-acme: 'true'
labels:
app: ingress
spec:
ingressClassName: alb
# tls:
# - hosts:
# - khteh.io
# secretName: tls-secret
rules:
- host:
http:
paths:
- pathType: Prefix
path: /aspnetcorewebapi(/|$)(.*)
backend:
service:
name: svc-aspnetcorewebapi
port:
number: 443
- host:
http:
paths:
- pathType: Prefix
path: /gorestapi(/|$)(.*)
backend:
service:
name: svc-gorestapi
port:
number: 443
- host:
http:
paths:
- pathType: Prefix
path: /pythonrestapi(/|$)(.*)
backend:
service:
name: svc-pythonrestapi
port:
number: 443
- host:
http:
paths:
- pathType: Prefix
path: /nodejsrestapi(/|$)(.*)
backend:
service:
name: svc-nodejsrestapi
port:
number: 443
# - pathType: Prefix
# path: /kibana(/|$)(.*)
# backend:
# service:
# name: svc-kibana
# port:
# number: 5601